Diogo_

  1. On a side note, I've been using Comodo Internet Security along with Malwarebytes and Spy-bot. Is Comodo any good, or is there better free software that includes antivirus and firewall? Regards
  2. Thanks. I usually browse safely and run antivirus and malware scans at least once a week, but this time the bar came attached to another piece of software I was installing; even though I did reject its installation, it did install some components of it stealthily.
  3. Had to uninstall all and re-install 7, but it's working properly now. Thanks
  4. http://img838.imageshack.us/img838/5297/96240380.png Should I just uninstall the highlighted or all of them, then follow your link?
  5. Log:
Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21 08-09-2012 17:24:02, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 08-09-2012 17:23:56, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATKWMIACPIIO_ cmdGuard discache MpFilter SCDEmu spldr Wanarpv6 08-09-2012 00:19:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Serviço Vodafone Mobile Broadband service to connect. 08-09-2012 00:11:55, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning. 08-09-2012 00:03:40, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. 08-09-2012 00:02:35, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 07-09-2012 23:39:32, Error: Service Control Manager [7034] - The COMODO livePCsupport Service service terminated unexpectedly. It has done this 1 time(s). 07-09-2012 23:34:39, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Serviço Vodafone Mobile Broadband service to connect. 05-09-2012 02:17:29, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.75. The computer with the IP address 192.168.1.253 did not allow the name to be claimed by this computer. 
04-09-2012 21:51:01, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 04-09-2012 21:35:41, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. 04-09-2012 21:34:27, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. 04-09-2012 14:01:45, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 04-09-2012 14:01:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 04-09-2012 14:01:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 04-09-2012 13:54:30, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ATKWMIACPIIO_ cmdGuard cmdHlp DfsC discache inspect MpFilter NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 04-09-2012 13:54:30, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 04-09-2012 13:41:02, Error: Application Popup [1060] - \??\C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 04-09-2012 12:12:40, Error: Service Control Manager [7031] - The Serviço Vodafone Mobile Broadband service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 02-09-2012 19:59:42, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 02-09-2012 18:02:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Serviço Vodafone Mobile Broadband service to connect. 02-09-2012 01:49:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 01-09-2012 22:43:10, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. 
New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 01-09-2012 20:33:45, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. . ==== End Of File ===========================
  6. Not a big issue, but I can't seem to make it so FF recognizes I have the latest Java version. On the add-ons tab, when I click check if they are up to date, it still says I do have Java Deployment Toolkit 6.0.330.3 and Java Platform SE 6 U33. I re-ran JavaRa and did the same steps as you said in your 1st post, but this does not refresh, even though if I try to install it, it says I already have that version installed.
  7. Yes it seems so, the only issue was the problem when creating new tabs which was fixed by resetting FF. OS and browser seem to be running fine so I guess I have no other hidden threats.
  8. It solved the issue, thanks. Too bad it had to fully reset FF settings. I do have a profile backup created prior to being infected; is it OK to import it, or should I start fresh? Regards
  9. Firefox only, no issues on IE. I don't have Chrome though to see if it has issues.
  10. Oh doing a search for OTL to delete it, yes I had it on desktop anyways I found it had created what seems to be a log. Is this helpful?
(No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions [2012/06/03 03:20:21 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2012/06/03 03:20:21 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012/06/03 03:20:21 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\battlefieldheroespatcher@ea.com [2012/06/03 03:20:21 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\en-US@dictionaries.addons.mozilla.org [2012/06/03 03:20:21 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\foxmarks@kei.com [2012/06/03 03:20:19 | 000,000,000 | ---D | M] (Corretor para Português de Portugal) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\pt-PT@dictionaries.addons.mozilla.org [2012/09/03 15:11:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions [2012/06/28 23:39:39 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2012/09/03 15:11:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012/06/03 03:26:17 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\battlefieldheroespatcher@ea.com [2012/06/03 03:26:16 | 000,000,000 | ---D | M] (United States 
English Spellchecker) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\en-US@dictionaries.addons.mozilla.org [2012/08/24 21:04:38 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\foxmarks@kei.com [2012/07/11 13:48:35 | 000,000,000 | ---D | M] (Corretor para Português de Portugal) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\pt-PT@dictionaries.addons.mozilla.org [2012/07/18 22:23:27 | 000,000,000 | ---D | M] (rein) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\rein@notiz.jp [2012/05/31 02:41:35 | 000,336,363 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012/05/31 02:41:25 | 001,012,623 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi [2011/12/20 00:23:09 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2012/01/06 03:38:05 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/08/15 20:50:59 | 000,340,132 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012/06/03 04:00:37 | 001,012,623 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{20C3BDFF-DA68-468d-8D9A-F5A6C76B0F9E}.xpi [2011/12/20 00:23:09 | 000,097,169 | ---- | M] () (No name found) -- 
C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2012/06/03 04:04:04 | 000,935,885 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{9998A493-980E-4716-81BC-F0C77001E9B7}.xpi [2012/07/25 04:43:54 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/06/02 01:22:48 | 000,002,537 | ---- | M] () -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\searchplugins\imdb.xml [2012/06/02 01:22:48 | 000,001,071 | ---- | M] () -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\searchplugins\torrentz.xml [2012/06/02 01:22:48 | 000,002,385 | ---- | M] () -- C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\searchplugins\youtube.xml [2012/09/07 23:35:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/09/07 23:35:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/09/07 23:36:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/09/03 20:22:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/09/03 20:22:47 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012/09/08 00:30:58 | 000,443,434 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 
127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 15257 more lines... O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ASUSPRP] c:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.) 
O4:64bit: - HKLM..\Run: [ASUSWebStorage] c:\program files (x86)\asus\asus webstorage\3.0.84.161\asuswspanel.exe (ecareme) O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelPAN] c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe (Intel® Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Wireless Console 3] c:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4076035716-2528701851-1871128028-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4076035716-2528701851-1871128028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{219839D1-ACAD-4244-A44F-09C85CB40F84}: DhcpNameServer = 212.18.160.133 212.18.160.134 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D8F61AAA-ADFC-4135-BE93-8CD0D2E5871E}: DhcpNameServer = 192.168.1.254 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}: DhcpNameServer = 192.168.1.254 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/09/08 16:41:12 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Diogo\Desktop\OTL.exe [2012/09/08 00:15:20 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/09/08 00:11:28 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2012/09/07 23:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/09/05 16:04:47 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Diogo\Desktop\dds.com [2012/09/05 15:01:01 | 010,901,120 | ---- | C] (OPSWAT, Inc.) 
-- C:\Users\Diogo\Desktop\AppRemover.exe [2012/09/04 22:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/09/04 22:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2012/09/04 22:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster [2012/09/04 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012/09/04 22:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012/09/04 21:34:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/09/04 21:34:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/09/04 21:34:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/09/04 21:30:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/09/04 21:29:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/09/04 21:28:35 | 004,749,820 | R--- | C] (Swearware) -- C:\Users\Diogo\Desktop\ComboFix.exe [2012/09/04 21:25:39 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Diogo\Desktop\TDSSKiller.exe [2012/09/04 13:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking [2012/09/04 13:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking [2012/09/04 13:39:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker [2012/09/04 13:39:21 | 000,000,000 | ---D | C] -- C:\Users\Diogo\Downloads [2012/09/04 13:24:43 | 003,065,008 | ---- | C] (Safer Networking Limited) -- C:\Users\Diogo\Desktop\RootAlyzer.exe [2012/09/03 22:55:46 | 000,000,000 | ---D | C] -- C:\Users\Diogo\Documents\WB Games [2012/09/03 21:29:59 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012/09/02 19:07:59 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe [2012/08/24 21:12:12 | 000,000,000 | ---D | C] -- 
C:\Users\Diogo\AppData\Roaming\FLEXnet [2012/08/23 15:35:40 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Roaming\Vodafone [2012/08/23 15:35:31 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\zteusbvoice.sys [2012/08/23 15:35:29 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys [2012/08/23 15:35:28 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys [2012/08/23 15:35:27 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys [2012/08/23 15:35:27 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys [2012/08/23 15:35:26 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys [2012/08/23 15:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone [2012/08/23 15:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone [2012/08/21 19:00:50 | 000,000,000 | ---D | C] -- C:\Users\Diogo\Documents\Aimersoft Video Converter Ultimate [2012/08/21 19:00:50 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Roaming\Aimersoft Video Converter Ultimate [2012/08/21 19:00:42 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Local\Aimersoft [2012/08/21 19:00:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aimersoft [2012/08/21 19:00:30 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\Windows\SysWow64\iconv.dll [2012/08/14 20:39:04 | 000,000,000 | ---D | C] -- C:\Users\Diogo\Desktop\New folder [2012/08/11 17:32:00 | 000,000,000 | ---D | C] -- C:\Users\Diogo\AppData\Local\SKIDROW [2012/08/11 17:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012/08/11 17:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012/08/11 17:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2012/08/11 17:20:31 | 
000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012/08/09 18:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Data Recovery Wizard Professional 5.5.1 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/09/08 17:23:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/09/08 17:23:33 | 2078,105,599 | -HS- | M] () -- C:\hiberfil.sys [2012/09/08 17:23:03 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012/09/08 17:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/09/08 16:40:51 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Diogo\Desktop\OTL.exe [2012/09/08 13:33:17 | 000,759,042 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/09/08 13:33:17 | 000,638,696 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/09/08 13:33:17 | 000,115,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/09/08 03:18:14 | 000,991,080 | ---- | M] () -- C:\Users\Diogo\Desktop\Untitled.png [2012/09/08 00:30:58 | 000,443,434 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/09/08 00:27:02 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/09/08 00:27:02 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/09/08 00:19:37 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2012/09/08 00:11:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120908-003058.backup [2012/09/07 23:41:34 | 004,749,820 | R--- | M] (Swearware) -- C:\Users\Diogo\Desktop\ComboFix.exe [2012/09/05 15:41:11 | 000,511,265 | ---- | M] () -- C:\Users\Diogo\Desktop\adwcleaner.exe [2012/09/05 15:00:53 | 010,901,120 | ---- | M] (OPSWAT, Inc.) 
-- C:\Users\Diogo\Desktop\AppRemover.exe [2012/09/05 02:21:30 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Diogo\Desktop\dds.com [2012/09/04 22:30:05 | 000,001,270 | ---- | M] () -- C:\Users\Diogo\Desktop\Revo Uninstaller.lnk [2012/09/03 20:29:33 | 000,001,433 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2012/08/24 15:15:33 | 000,002,362 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2012/08/24 14:28:40 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Diogo\Desktop\TDSSKiller.exe [2012/08/23 15:35:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf [2012/08/23 15:35:04 | 000,002,747 | ---- | M] () -- C:\Users\Public\Desktop\SMS.lnk [2012/08/23 15:35:04 | 000,002,198 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk [2012/08/16 19:58:42 | 000,000,132 | ---- | M] () -- C:\Users\Diogo\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/08/15 20:44:46 | 000,423,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/09/08 03:18:14 | 000,991,080 | ---- | C] () -- C:\Users\Diogo\Desktop\Untitled.png [2012/09/05 15:41:22 | 000,511,265 | ---- | C] () -- C:\Users\Diogo\Desktop\adwcleaner.exe [2012/09/04 22:30:05 | 000,001,270 | ---- | C] () -- C:\Users\Diogo\Desktop\Revo Uninstaller.lnk [2012/09/04 21:34:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/09/04 21:34:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/09/04 21:34:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/09/04 21:34:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/09/04 21:34:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/09/02 19:07:48 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys [2012/08/23 15:35:18 | 000,000,000 | -H-- | C] () -- 
C:\Windows\SysNative\drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf [2012/08/23 15:35:04 | 000,002,747 | ---- | C] () -- C:\Users\Public\Desktop\SMS.lnk [2012/08/23 15:35:04 | 000,002,198 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk [2012/08/21 19:00:30 | 000,675,840 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.ax [2012/08/21 19:00:30 | 000,496,640 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax [2012/07/15 21:21:53 | 000,005,649 | ---- | C] () -- C:\Windows\wininit.ini [2012/05/30 23:11:56 | 000,010,752 | ---- | C] () -- C:\Users\Diogo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012/03/15 08:19:18 | 002,217,088 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012/03/15 08:19:18 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012/03/15 08:19:18 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012/03/15 08:19:18 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012/03/15 08:19:18 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012/02/27 18:02:43 | 000,000,044 | ---- | C] () -- C:\Users\Diogo\jagex_cl_runescape_LIVE.dat [2012/02/27 18:02:43 | 000,000,024 | ---- | C] () -- C:\Users\Diogo\random.dat [2012/02/14 19:47:06 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012/02/14 19:47:06 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012/02/03 10:29:56 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2012/01/31 02:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012/01/31 02:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012/01/31 02:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012/01/31 02:15:42 | 000,065,536 | ---- | C] () -- 
C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012/01/31 02:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012/01/30 14:38:21 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth2.dll [2012/01/30 14:38:21 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\grcauth1.dll [2012/01/30 14:38:21 | 000,000,100 | ---- | C] () -- C:\Windows\SysWow64\prsgrc.dll [2012/01/30 14:36:50 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll [2012/01/30 14:36:50 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll [2012/01/28 00:14:40 | 000,000,132 | ---- | C] () -- C:\Users\Diogo\AppData\Roaming\Adobe GIF Format CS5 Prefs [2012/01/24 06:08:28 | 000,000,132 | ---- | C] () -- C:\Users\Diogo\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/01/11 06:22:36 | 000,764,888 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/01/09 04:19:50 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini [2012/01/09 04:03:41 | 000,000,567 | ---- | C] () -- C:\Windows\Settings.ini [2012/01/08 00:21:42 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/01/08 00:21:39 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/12/28 19:43:23 | 000,000,036 | ---- | C] () -- C:\Users\Diogo\.org.eclipse.epp.usagedata.recording.userId [2011/12/20 00:42:22 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/12/20 00:42:21 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/12/20 00:42:21 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/12/20 00:42:21 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2011/12/20 00:42:21 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/05/31 08:01:33 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2010/06/21 18:05:34 | 000,157,470 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== LOP Check ========== [2012/09/02 18:00:43 | 000,000,000 | ---D | M] -- 
C:\Users\Default\AppData\Roaming\IObit [2012/09/02 18:00:43 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit [2012/08/21 19:00:50 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Aimersoft Video Converter Ultimate [2011/12/20 01:25:21 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\ASUS WebStorage [2012/02/24 02:47:01 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Electronic Arts [2012/07/22 16:57:12 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Hive Cluster [2012/06/28 14:46:47 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\IObit [2011/12/20 02:13:20 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\LolClient [2012/06/10 19:05:07 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\LolClient2 [2012/08/06 03:21:38 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\MAXON [2012/09/07 00:30:48 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\MediaMonkey [2012/08/12 03:47:04 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Mumble [2012/09/04 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Notepad++ [2012/08/05 01:24:37 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\PC Communicator 2.0 [2012/03/15 07:07:21 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Samsung [2012/05/30 23:11:56 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Solveig Multimedia [2012/01/24 18:34:06 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\TeamViewer [2012/03/15 06:56:47 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Temp [2012/09/04 12:16:26 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\TS3Client [2012/01/08 01:22:40 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\ts3overlay [2011/12/23 17:57:34 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Unity [2012/09/05 15:40:31 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\uTorrent 
[2012/08/23 15:35:40 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Vodafone [2012/06/15 21:57:48 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Windows Authenticator [2011/12/22 22:55:02 | 000,000,000 | ---D | M] -- C:\Users\Diogo\AppData\Roaming\Zeon [2012/02/13 16:15:54 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  11. Same issue on safe mode with network http://img507.imageshack.us/img507/4097/97706999.png
  12. When running it with the settings you said, after a while a window pops up saying "list index out of bounds (29)" and the scan stops.
  13. Step 1: AdwCleaner Log:
      Step 2: I could not close the cmdagent.exe (related to the Comodo firewall) on the Task Manager, but had the application closed, so I guess it did no harm while ComboFix and DDS ran.
      DDS Log:
      Thanks in advance
  14. Step 1
Ok, let's get started. I ran AppRemover>Clean Up a Failed Uninstall but after the scan completion no applications showed up for me to select and I was unable to continue.
Step 2
AdwCleaner Log:
# AdwCleaner v2.000 - Logfile created 09/05/2012 at 16:02:58
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Diogo - DIOGO-ASUS
# Boot Mode : Normal
# Running from : C:\Users\Diogo\Desktop\adwcleaner.exe
# Option [search]
***** [services] *****
***** [Files / Folders] *****
Folder Found : C:\ProgramData\Partner
***** [Registry] *****
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v15.0 (en-US)
Profile name : default
File : C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\cmywiepf.default\prefs.js
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb178?a=6PQIwUnwYg&loc=FF_NT");
Profile name : Diogo [Profil par défaut]
File : C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\prefs.js
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb178?a=6PQIwUnwYg&loc=FF_NT");
Profile name : diogo_New
File : C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\x5trdy4p.diogo_New\prefs.js
Found : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb178?a=6PQIwUnwYg&loc=FF_NT");
*************************
AdwCleaner[R1].txt - [2064 octets] - [05/09/2012 15:44:44]
AdwCleaner[R2].txt - [2124 octets] - [05/09/2012 15:47:13]
AdwCleaner[R3].txt - [2061 octets] - [05/09/2012 16:02:58]
########## EOF - C:\AdwCleaner[R3].txt - [2121 octets] ##########
Step 3
I guess when you said "Remove JRE" it's the "remove older versions", which I did.
JavaRa Log:
JavaRa 1.16 Removal Log. Report follows after line.
------------------------------------
The JavaRa removal process was started on Wed Sep 05 15:50:29 2012
------------------------------------
Finished reporting.
Step 4
DDS Log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
Run by Diogo at 16:04:53 on 2012-09-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.351.1033.18.8104.6030 [GMT 1:00]
.
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0} AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\FBAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Windows\System32\igfxtray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\PROGRAM FILES (X86)\ASUS\SONIC FOCUS\SONICFOCUSTRAY.EXE C:\Program Files\ELANTECH\ETDCTRL.EXE C:\PROGRAM FILES (X86)\INTEL\INTEL® RAPID STORAGE TECHNOLOGY\IASTORICON.EXE C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Windows\system32\msiexec.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe 
C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ mStart Page = hxxp://asus.msn.com uInternet Settings,ProxyOverride = local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - 
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab TCP: DhcpNameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{219839D1-ACAD-4244-A44F-09C85CB40F84} : DhcpNameServer = 212.18.160.133 212.18.160.134 TCP: Interfaces\{D8F61AAA-ADFC-4135-BE93-8CD0D2E5871E} : DhcpNameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40} : DhcpNameServer = 192.168.1.254 192.168.1.254 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}\56465727F616D6 : DhcpNameServer = 10.19.90.11 
193.136.188.249 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}\64F4E4F5A5F4E4F564255454F594E4455425E45445 : NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}\64F4E4F5A5F4E4F564255454F594E4455425E45445 : DhcpNameServer = 192.168.3.1 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}\7657563747D256D255 : NameServer = 8.26.56.26,156.154.70.22 TCP: Interfaces\{DC77A0DB-591E-49B8-98D2-37496E163A40}\7657563747D256D255 : DhcpNameServer = 193.136.188.249 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: 
[updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\guard32.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\ FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxps://www.google.com/webhp?ie=UTF-8&oe=utf-8 FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Diogo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Diogo\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll FF - plugin: C:\Users\Diogo\AppData\Roaming\Mozilla\Firefox\Profiles\owafkuao.Diogo\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- # Mozilla User Preferences /* Do not edit this file. 
* * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config * For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs */ . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?] R1 ATKWMIACPIIO_;ATKWMIACPI Driver_;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024] R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\system32\DRIVERS\cmderd.sys --> C:\Windows\system32\DRIVERS\cmderd.sys [?] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?] R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-1-6 913792] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] 
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-7 13592] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928] R2 VmbService;Serviço Vodafone Mobile Broadband;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-6-25 9216] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 MEIx64;Intel® Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum;C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys --> C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-7-16 1262400] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-7 250568] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?] S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248] S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-3-15 14216] S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-3-15 8456] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] S3 massfilter;MBB Mass Storage Filter Driver;C:\Windows\system32\DRIVERS\massfilter.sys --> C:\Windows\system32\DRIVERS\massfilter.sys [?] 
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-3 114144] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] 
S3 ZTEusbnet;ZTE USB-NDIS miniport;C:\Windows\system32\DRIVERS\ZTEusbnet.sys --> C:\Windows\system32\DRIVERS\ZTEusbnet.sys [?] S3 ZTEusbvoice;ZTE VoUSB Port;C:\Windows\system32\DRIVERS\ZTEusbvoice.sys --> C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2012-09-05 14:58:03 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2012-09-04 21:51:00 -------- d-----w- C:\Program Files (x86)\ESET 2012-09-04 21:39:21 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL 2012-09-04 21:39:04 -------- d-----w- C:\Program Files (x86)\SpywareBlaster 2012-09-04 21:30:04 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-09-04 21:18:19 -------- d-sh--w- C:\$RECYCLE.BIN 2012-09-04 20:34:05 98816 ----a-w- C:\Windows\sed.exe 2012-09-04 20:34:05 518144 ----a-w- C:\Windows\SWREG.exe 2012-09-04 20:34:05 256000 ----a-w- C:\Windows\PEV.exe 2012-09-04 20:34:05 208896 ----a-w- C:\Windows\MBR.exe 2012-09-04 12:46:47 -------- d-----w- C:\Program Files (x86)\Safer Networking 2012-09-04 12:39:59 -------- d-----w- C:\Program Files (x86)\Unlocker 2012-09-04 11:46:15 388096 ----a-r- C:\Users\Diogo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-09-04 11:10:21 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5FFB3417-A74C-4469-B615-77737F65DC07}\mpengine.dll 2012-09-03 19:40:44 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-03 19:22:58 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll 2012-09-02 18:07:59 32600 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe 2012-09-02 18:07:48 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys 2012-08-24 20:12:12 -------- d-----w- C:\Users\Diogo\AppData\Roaming\FLEXnet 2012-08-23 14:35:40 
-------- d-----w- C:\Users\Diogo\AppData\Roaming\Vodafone 2012-08-23 14:35:31 121344 ----a-w- C:\Windows\System32\drivers\zteusbvoice.sys 2012-08-23 14:35:29 121344 ----a-w- C:\Windows\System32\drivers\ZTEusbnmea.sys 2012-08-23 14:35:28 135168 ----a-w- C:\Windows\System32\drivers\ZTEusbnet.sys 2012-08-23 14:35:27 121344 ----a-w- C:\Windows\System32\drivers\ZTEusbser6k.sys 2012-08-23 14:35:27 121344 ----a-w- C:\Windows\System32\drivers\ZTEusbmdm6k.sys 2012-08-23 14:35:26 11776 ----a-w- C:\Windows\System32\drivers\massfilter.sys 2012-08-23 14:34:45 -------- d-----w- C:\Program Files (x86)\Vodafone 2012-08-21 18:00:50 -------- d-----w- C:\Users\Diogo\AppData\Roaming\Aimersoft Video Converter Ultimate 2012-08-21 18:00:42 -------- d-----w- C:\Users\Diogo\AppData\Local\Aimersoft 2012-08-21 18:00:41 -------- d-----w- C:\Program Files (x86)\Common Files\Aimersoft 2012-08-21 18:00:30 892928 ----a-w- C:\Windows\SysWow64\iconv.dll 2012-08-21 18:00:30 675840 ----a-w- C:\Windows\SysWow64\ac3filter.ax 2012-08-21 18:00:30 496640 ----a-w- C:\Windows\SysWow64\xvid.ax 2012-08-15 11:26:30 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2012-08-15 11:06:12 503808 ----a-w- C:\Windows\System32\srcore.dll 2012-08-15 11:06:11 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2012-08-15 11:05:47 751104 ----a-w- C:\Windows\System32\win32spl.dll 2012-08-15 11:05:47 67072 ----a-w- C:\Windows\splwow64.exe 2012-08-15 11:05:47 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2012-08-15 11:05:47 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-08-15 11:03:57 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-08-15 11:03:57 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2012-08-15 11:03:57 136704 ----a-w- C:\Windows\System32\browser.dll 2012-08-15 11:03:51 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-08-15 11:03:40 956928 ----a-w- C:\Windows\System32\localspl.dll 2012-08-11 16:32:00 -------- d-----w- C:\Users\Diogo\AppData\Local\SKIDROW 2012-08-11 16:28:29 -------- d-----w- 
C:\Program Files (x86)\Common Files\Steam 2012-08-11 16:28:28 -------- d-----w- C:\Program Files (x86)\Steam 2012-08-11 16:20:31 -------- d-----w- C:\Windows\SysWow64\directx 2012-08-11 16:17:54 1998168 ----a-w- C:\Windows\System32\D3DX9_43.dll 2012-08-07 00:46:03 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-07 00:46:03 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe . ==================== Find3M ==================== . 2012-09-05 14:57:59 916456 ----a-w- C:\Windows\System32\deployJava1.dll 2012-09-05 14:57:59 1034216 ----a-w- C:\Windows\System32\npdeployJava1.dll 2012-09-05 01:17:29 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2012-07-03 12:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-26 07:02:40 330240 ----a-w- C:\Windows\MASetupCaller.dll 2012-06-26 07:02:38 45320 ----a-w- C:\Windows\SysWow64\MAMACExtract.dll 2012-06-18 09:55:16 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-06-18 09:55:16 472840 ----a-w- C:\Windows\SysWow64\deployJava1.dll . ============= FINISH: 16:07:24,29 =============== Attachment: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . 
Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 19-12-2011 22:51:07 System Uptime: 05-09-2012 10:28:27 (6 hours ago) . Motherboard: ASUSTeK Computer Inc. | | K53SV Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU 1 | 2001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 250 GiB total, 153,318 GiB free. D: is FIXED (NTFS) - 321 GiB total, 38,836 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP157: 02-09-2012 21:33:54 - Scheduled Checkpoint RP158: 03-09-2012 22:54:55 - Installed DirectX RP159: 04-09-2012 23:23:24 - Windows Update RP160: 05-09-2012 15:57:22 - Installed Java 7 Update 7 (64-bit) . ==== Installed Programs ====================== . ??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? ???? ??? Windows Live ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? ??????? Windows Live Mesh ActiveX ??? ???????? ?????????? Windows Live ?????????? 
Windows Live Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) Advanced SystemCare 5 ASUS AI Recovery ASUS FancyStart ASUS K3 Series ScreenSaver ASUS LifeFrame3 ASUS Live Update ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera ASUS WebStorage AsusVibe2.0 ATK Package Battlefield Heroes Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink LabelPrint CyberLink Power2Go D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Diablo III EA SPORTS Game Face Browser Plugin 1.5.3.0 EASEUS Data Recovery Wizard Professional 5.5.1 EASEUS Partition Master 6.5.2 Home Edition ESET Online Scanner v3 Facebook Video Calling 1.2.0.159 Fallout New Vegas Galeria de Fotografias do Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live GEAR driver installer Google Update Helper Gotham City Impostors: Free To Play HiJackThis Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HyperCam 3 Intel PROSet Wireless Intel® Control Center Intel® Processor Graphics Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 33 Junk Mail filter update K-Lite Codec Pack 8.0.7 (Full) League of Legends Malwarebytes Anti-Malware version 1.62.0.1300 MediaMonkey 4.0 Mesh Runtime Microsoft .NET Framework 1.1 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI 
(English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft XNA Framework Redistributable 4.0 Mozilla Firefox 15.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mumble 1.2.3 Notepad++ NVIDIA PhysX Pando Media Booster Plants vs Zombies PowerISO PunkBuster Services Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Reader Driver Revo Uninstaller 1.94 RunAlyzer S?????? f?t???af??? t?? 
Windows Live Samsung Kies Samsung New PC Studio Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Skype™ 5.10 SlimDrivers Smart Defrag 2 Sonic Focus SPSS Statistics 17.0 Spybot - Search & Destroy SpywareBlaster 4.6 St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? 
Steam syncables desktop SE TI Connect 1.6 TI NoteFolio Creator Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Vodafone Mobile Broadband Lite Vodafone web phone Windows Live Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash Wireless Console 3 World of Goo Xfire (remove only) . ==== Event Viewer Messages From Past Week ======== . 
31-08-2012 18:45:26, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
31-08-2012 14:33:53, Error: Tcpip [4199] - The system detected an address conflict for IP address 188.37.87.205 with the system having network hardware address 02-50-F3-00-00-00. Network operations on this system may be disrupted as a result.
31-08-2012 14:24:44, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.81.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
31-08-2012 11:06:52, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.81.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
30-08-2012 23:50:40, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.81.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
29-08-2012 20:09:50, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.2.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
05-09-2012 02:19:12, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
05-09-2012 02:19:12, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
05-09-2012 02:17:29, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.75. The computer with the IP address 192.168.1.253 did not allow the name to be claimed by this computer.
05-09-2012 02:16:52, Error: Service Control Manager [7003] - The ATKGFNEX Service service depends the following service: ASMMAP64. This service might not be installed.
04-09-2012 21:52:13, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
04-09-2012 21:51:01, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
04-09-2012 21:35:41, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
04-09-2012 21:34:32, Error: Service Control Manager [7034] - The COMODO livePCsupport Service service terminated unexpectedly. It has done this 1 time(s).
04-09-2012 21:34:27, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
04-09-2012 14:01:45, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
04-09-2012 14:01:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
04-09-2012 14:01:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
04-09-2012 14:01:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
04-09-2012 14:01:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
04-09-2012 14:01:43, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
04-09-2012 14:01:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
04-09-2012 13:54:30, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ATKWMIACPIIO_ cmdGuard cmdHlp DfsC discache inspect MpFilter NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
04-09-2012 13:54:30, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
04-09-2012 13:41:02, Error: Application Popup [1060] - \??\C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
04-09-2012 12:12:40, Error: Service Control Manager [7031] - The Serviço Vodafone Mobile Broadband service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
04-09-2012 01:39:42, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
02-09-2012 19:59:42, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
02-09-2012 18:02:13, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Serviço Vodafone Mobile Broadband service to connect.
02-09-2012 01:49:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
01-09-2012 22:43:10, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
01-09-2012 20:33:45, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.233.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================

Thanks in advance